AZL-9333 CVE-2022-28805 affecting package lua for versions less than 5.4.3-2

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...